HMGSCRIPT Next Steps...

Moderator: Rathinagiri

Post Reply
User avatar
Roberto Lopez
HMG Founder
Posts: 4004
Joined: Wed Jul 30, 2008 6:43 pm

HMGSCRIPT Next Steps...

Post by Roberto Lopez »

Hi All,

My main goal at this moment is to make HMGSCRIPT, independent of server technology, meaning that the library and client app code could work with any backend without modifications.

Basically, I'm removing dbquery, dbappend, dbdelete and dbmodify functions from the library and replacing with only one function that should be used for all the server requests.

So, using dbquery as an example, the following code:

Code: Select all

	aRecordSet = DbQuery ( 'table' , 
		[ 'code' , 'first' , 'last' , 'birth' , 'married' ] , 
		'code<=10 .or. code>=1000' , '' );
Will be replaced by:

Code: Select all

	aRecordSet = httpRequest ( '/cgi-bin/myquery.cgi' , 'table' , 
		[ 'code' , 'first' , 'last' , 'birth' , 'married' ] , 
		'code<=10 .or. code>=1000' , '' );
This is already working in my tests.

Another thing to be done, is to make array data transfers using a standard format (probably JSON) but I've not decided yet.
Regards/Saludos,

Roberto


(Veritas Filia Temporis)
User avatar
Roberto Lopez
HMG Founder
Posts: 4004
Joined: Wed Jul 30, 2008 6:43 pm

Re: HMGSCRIPT Next Steps...

Post by Roberto Lopez »

And...

Currently, this is the code for the new httpRequest function:

Code: Select all

//////////////////////////////////////////////////////////////////////////////////
// HttpRequest
//////////////////////////////////////////////////////////////////////////////////

function httpRequest()
{

	var i;

	var cmd = '';

	for (i = 1; i < arguments.length; i++)
	{

		if ( type(arguments[i]) == 'array' ) 
		{
			cmd += 'par_' + i.toString() + '=' + escape(JsToHrb(arguments[i]));
		}
		else
		{
			cmd += 'par_' + i.toString() + '=' + escape(arguments[i]);
		}

		cmd += '&' ;

	}

	cmd += 'sessionId=' + cSessionId;

	var xmlHttp=new XMLHttpRequest();
	xmlHttp.open( "POST" , arguments[0]  , false ) ;
	xmlHttp.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
	xmlHttp.send( cmd );

	if ( xmlHttp.responseText.slice(0,7) == 'ERROR -' )
	{
		alert(xmlHttp.responseText);
		return '';
	}
	else
	{

		var tmp = xmlHttp.responseText;
	        var strResponseArray = tmp.split('\n');
		var strContentArray = strResponseArray[0].split('\t');
		var nRecordCount = strResponseArray.length;

		if ( nRecordCount > 0 )
		{

			var nFieldCount = strContentArray.length;
			var aRecordSet = new Array(nRecordCount); 

			for ( var i = 0; i < nRecordCount; i++) 
			{ 
				strContentArray = strResponseArray[i].split('\t');
				aRecordSet[i] =  new Array(nFieldCount);  
				for (j=0; j < nFieldCount; j++) 
				{ 
					aRecordSet[i][j] = strContentArray[j]; 
				} 

			} 

			return aRecordSet ;

		}
		else
		{		
			return xmlHttp.responseText;
		}

	}

}
The server side (Harbour) code, is exactly the same as 'query.prg' excepting parameter names.

They must be:

Code: Select all

	cTable		:= GetValue ( "par_1" )
	aColumns	:= &(GetValue (  "par_2" ) )
	cForExpr	:= GetValue (  "par_3" )
	cOrder		:= GetValue (  "par_4" )
	cSessionId	:= GetValue (  "sessionId" )
Regards/Saludos,

Roberto


(Veritas Filia Temporis)
User avatar
Roberto Lopez
HMG Founder
Posts: 4004
Joined: Wed Jul 30, 2008 6:43 pm

Re: HMGSCRIPT Next Steps...

Post by Roberto Lopez »

Finally:

Another benefit of this scheme, is enhanced security.

As I've stated in another post, having generic (very powerful) functions like dbDelete, dbAppend, etc. could become a serious security risk.

Replacing them by customized server procedures, with limited functionality, will give us a more secure infrastructure.
Regards/Saludos,

Roberto


(Veritas Filia Temporis)
User avatar
Pablo César
Posts: 4059
Joined: Wed Sep 08, 2010 1:18 pm
Location: Curitiba - Brasil

Re: HMGSCRIPT Next Steps...

Post by Pablo César »

Nice Roberto !
HMGing a better world
"Matter tells space how to curve, space tells matter how to move."
Albert Einstein
User avatar
serge_girard
Posts: 3158
Joined: Sun Nov 25, 2012 2:44 pm
DBs Used: 1 MySQL - MariaDB
2 DBF
Location: Belgium
Contact:

Re: HMGSCRIPT Next Steps...

Post by serge_girard »

Thanks Roberto !

Serge
There's nothing you can do that can't be done...
Post Reply